On Wed, Jun 25, 2014 at 15:21:01 CEST, Daniel Breznau wrote: > Hi, > > After reading the FAQ, I’m still unclear on something - if someone knows > an old passphrase to my LUKS encrypted partition, then could it somehow be > used with the master key to decrypt the drive? > > My scenario is this: I’m trying to set up a remote server with an > encrypted drive by having tech support run my bash script that will set it > all up and the script will have an initial passphrase in it. After that, > I’ll SSH in and change the passphrase but wonder if the old one (which > they potentially have laying around in the bash file) could be used to > compromise the root partition. > > Granted, I know there are other vulnerabilities of this - like it being > accessed while running but an encrypted drive is enough to keep out the > curious and slightly more determined. What you need to access a volume is an active keyslot and the matching LUKS header _or_ a copy of the master key. The "old" one in your scenario can be in backups (header backup or binary partition backup), transferred data and with that one you can open the container, even if the passphrase in the container has been changed. This is one reason why to never ship LUKS containers to several people, as they then all can unlock each others containers as they have the same master key. This is the reason behind FAQ Item 6.15. In your scenario, anybody having the initial passphrase and a copy of the LUKS header and keyslots when it was active can extract the master key and access all data. While the ocntainer is mapped (open), also everybody with root access can extract the master key, see FAQ item 6.10. Of if these people run your script as root (which they basically have to do) and map the container, they have access to the master key and there is nothing you can do about it. You also cannot detect they copied anything. Changing the master-key requires re-creartion of the LUKS container. (Not really, but it amounts to the same thing.) If, however, your luks header/keyslot is the only copy, nobody copied the mastyer key and you change the passphrase in that keyslot, then there is no way to recover anything with the old one. The design would be quite broken otherwise, so this is not explained further in the FAQ. Of course, simply adding a passphrase does not wipe the old one out, as the new one goes into a new slot. You have to use luksChangeKey to actually change a passphrase (i.e. 1. wipe old one 2. put new one into the same keyslot). What this boils down to is that you have to trust people that can become root on your machine and disk encryption does not change that one bit. One reason to never store confidential data on vserver or in "the cloud", unless it cannot be decrypted there. As soon as it can be decrypted there (as in a mapped LUKS container), it is not secure at all against the people that control the hardware. Arno -- Arno Wagner, Dr. sc. techn., Dipl. Inform., Email: arno@xxxxxxxxxxx GnuPG: ID: CB5D9718 FP: 12D6 C03B 1B30 33BB 13CF B774 E35C 5FA1 CB5D 9718 ---- A good decision is based on knowledge and not on numbers. - Plato _______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx http://www.saout.de/mailman/listinfo/dm-crypt
